help with rndc fail

pyh at mail.nsbeta.info pyh at mail.nsbeta.info
Sat Jan 15 03:17:37 UTC 2011


And, the named version is: 

# named -v
BIND 9.6.1-P2 

I'm pretty sure the secret is the same in both named.conf and rndc.conf.
Thanks. 


pyh at mail.nsbeta.info writes: 

> 
> Hello gurus,  
> 
> My rndc commands fail on the BIND master, which uses multiple views, but on 
> the slave they run correctly.  
> 
> # rndc status
> rndc: connection to remote host closed
> This may indicate that
> * the remote server is using an older version of the command protocol,
> * this host is not authorized to connect,
> * the clocks are not synchronized, or
> * the key is invalid.  
> 
> Here is the named.conf for the master.
> Please help, thanks in advance.  
> 
> -------------
> options {
>      # Working directory for named; the relative zone file names used in
>      # the views below are resolved against it.
>      directory "/var/cache/bind";
>      # Recursion is switched off, so this server does not resolve names
>      # on behalf of clients.
>      recursion no;
> };  
> 
> 
> # ACLs begin
> # Address lists are pulled in from separate files whose contents are not
> # shown; presumably they define the UNI and EDU ACLs that the views
> # reference (and one for "tel") - confirm against the included files.
> include "/etc/bind/tel.acl";
> include "/etc/bind/uni.acl";
> include "/etc/bind/edu.acl";
> # ACLs end  
> 
> 
> # views for ISP begin
> # View "uni": chosen for requests signed with TSIG key "unikey" or sent
> # from an address in the UNI ACL. Views are tried in the order they
> # appear, and this is the first one.
> view "uni" {
>      match-clients {
>          key "unikey";
>          UNI;
>      };
>      # Dynamic updates and zone transfers in this view require "unikey".
>      # NOTE(review): the same key selects the view, authorizes updates and
>      # authorizes transfers, so one leaked secret grants all three; separate
>      # keys would narrow that - confirm whether it is intended.
>      allow-update {key "unikey";};
>      allow-transfer { key "unikey"; };
>      # Requests sent to 202.104.186.180 are signed with this view's key
>      # (presumably the slave, so that it selects the matching view - confirm).
>      server 202.104.186.180 { keys "unikey"; };
> # zone begin uni
>      zone "test.nsbeta.info" {
>           type master;
>           file "test.nsbeta.info.uni.db";
>      };
> # zone end uni
> };  
> 
> # View "edu": chosen for requests signed with TSIG key "edukey" or sent
> # from an address in the EDU ACL.
> # NOTE(review): views are tried in order, so a request signed with
> # "edukey" that arrives from an address in UNI is caught by the "uni" view
> # first; no earlier view excludes this key - confirm that is intended.
> view "edu" {
>      match-clients {
>          key "edukey";
>          EDU;
>      };
>      # Dynamic updates and zone transfers in this view require "edukey".
>      allow-update {key "edukey";};
>      allow-transfer { key "edukey"; };
>      # Requests sent to 202.104.186.180 are signed with this view's key.
>      server 202.104.186.180 { keys "edukey"; };
> # zone begin edu
>      zone "test.nsbeta.info" {
>           type master;
>           file "test.nsbeta.info.edu.db";
>      };
> # zone end edu
> };  
> 
> # View "tel": the catch-all. "any" matches every client that no earlier
> # view has claimed, so this view has to stay last in the file.
> # NOTE(review): a request signed with "telkey" from an address in UNI or
> # EDU is matched by that earlier view on its address before it reaches
> # this one - confirm that is intended.
> view "tel" {
>      match-clients {
>          key "telkey";
>          any;
>      };
>      # Queries are open to everyone here, but dynamic updates and zone
>      # transfers still require "telkey".
>      allow-update {key "telkey";};
>      allow-transfer { key "telkey"; };
>      # Requests sent to 202.104.186.180 are signed with this view's key.
>      server 202.104.186.180 { keys "telkey"; };
> # zone begin tel
>      zone "test.nsbeta.info" {
>           type master;
>           file "test.nsbeta.info.tel.db";
>      };
> # zone end tel
> };
> # views for ISP end  
> 
> 
> # rndc key begin
> # Shared secret that authenticates rndc commands on named's control
> # channel; rndc.conf has to carry the same algorithm and secret.
> key "rndc-key" {
>      # NOTE(review): hmac-md5 is a legacy HMAC; a SHA-2 HMAC is preferable
>      # if the installed BIND release accepts one for rndc - confirm.
>      algorithm hmac-md5;
>      # NOTE(review): unlike the three keys further down, this secret is
>      # posted unmasked. A control-channel secret that has been published
>      # should be treated as exposed and regenerated on the real server
>      # (for example with rndc-confgen), then updated in rndc.conf as well.
>      secret "SUpgZRkpZVeteRiTIxQw6w==";
> };  
> 
> # Control channel: listens on loopback port 953 only, accepts connections
> # only from 127.0.0.1, and requires commands to be authenticated with
> # "rndc-key". The loopback binding limits use of the key to local users.
> controls {
>      inet 127.0.0.1 port 953
>              allow { 127.0.0.1; } keys { "rndc-key"; };
> };
> # rndc key end  
> 
> # customized keys begin
> # TSIG keys referenced by the views above for view selection, dynamic
> # updates and zone transfers. The poster masked these secrets as "***".
> # NOTE(review): hmac-md5 is a legacy HMAC; a SHA-2 HMAC is preferable
> # where both ends of each transfer support it - confirm.
> key "edukey" {
>      algorithm hmac-md5;
>      secret "***";
> };
> key "unikey" {
>      algorithm hmac-md5;
>      secret "***";
> };
> key "telkey" {
>      algorithm hmac-md5;
>      secret "***";
> };
> # customized keys end


